Using HANS for making an in-game cheat menu?

Discussion in '3DS - Homebrew Development and Emulators' started by 100pcrack, Nov 29, 2015.

Do you think this is possible?

  1. Yes

  2. No

  1. 100pcrack (OP)

    Hello GBAtemp:
    Could that be possible?
    Thinking about a thing like the Gateway in-game cheat menu.
    With HANS we can return to HBL, so could we pause the game and go to cheatmenu.3dsx?

  2. SANNIC789

    Please smea, make it happen :D

  3. Coleman_C18

    Returning to the HBL closes the app/game you were playing entirely.

  4. Raffle

    Everything is possible, you just need to believe it :yay:

  5. JJTapia19

    Maybe it's possible with a highly modified payload, but not with HANS by itself.

    Last edited by JJTapia19, Nov 29, 2015

  6. MsMidnight

    You can modify the ROM like Debug Yellow by thezzazzglitch. So if you apply it to the ROM itself, it's possible.

  7. 101239

    If we can boot back to the hbmenu with HANS, I'm sure we can do this.

  8. JJTapia19

    It's not HANS, it's the payload that does that.

  9. delebile

    Another way would be to edit the HANS payload so that it creates a thread in game code that will run in the free executable space at the end of the .text pages.
    In this custom thread we can try to make a simple RAM editor which loads a cheat file previously loaded into a buffer, and will run with the game code.
    That's my lil idea.

  10. Mrrraou

    Not possible:
    .text size can't be edited because of exheaders and things that follow. Plus, memory problems would occur when trying to load cheats into RAM.
    A better idea would be to patch the code.bin directly to make the cheat you want.
    Making the game pause would maybe be possible when patching the home button code, as the payload does for screenshots. Then maybe something could be done here, but not sure; if the code runs in another service/process, the game RAM cannot be patched (with gspwn, maybe it can). And it would never run a 3DSX. Ever. (Making it run a 3dsx that could access the game RAM while running it would be as possible as your famous amiibohax that gives a kernel exploit. :rofl2: I'm sorry but it makes me laugh so hard)

    Last edited by Mrrraou, Nov 29, 2015

  11. delebile

    I'm aware of how it works.
    But the memory pages are 0x1000 aligned, so there will be very little executable space between the .text code end and the .text page end.
    If I understood the sources well, this is how HANS repairs the game's code before launching it.

  12. Mrrraou

    Well, depending on the game.
    And, I don't know where you saw that HANS was repairing the "game's code", but... could you explain (or give a link to that part of the code)?

  13. delebile

    https://github.com/smealum/HANS/tree/master/loader
    I looked quickly at the sources, I can be wrong;
    The loader seems to overwrite the first 0x5000 bytes of the game code, which then gets repaired.
    In order to do this the loader places a stub at the very end of the .text page, which will re-jump to the game code once gspwn has finished copying the corrupted part.

    My idea was to expand the stub code to create a custom thread.
    But the space is very little.
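The point delebile and Mrrraou are arguing over, how much executable room is left between the end of a 0x1000-aligned .text segment and the end of its last page, is a fixed computation, so here is an added worked example (not code from this thread and not from the HANS repository) that runs it over a few constructed .text sizes. The sizes are made up and stand for no real game; `PAGE_SIZE` is the 0x1000 alignment stated in the thread, and `STUB_SIZE` is an assumed stub length used only to show the fit check.

```python
# Added example: page slack at the end of a 0x1000-aligned .text segment.
# Not from the thread or HANS; sample sizes below are constructed.

PAGE_SIZE = 0x1000  # 3DS memory pages are 4 KiB aligned (stated in the thread)
STUB_SIZE = 0x100   # assumed stub length, purely for illustration


def align_up(value: int, alignment: int) -> int:
    """Round value up to the next multiple of alignment (alignment is a power of two)."""
    return (value + alignment - 1) & ~(alignment - 1)


def text_page_slack(text_size: int, page_size: int = PAGE_SIZE) -> int:
    """Bytes between the end of .text and the end of its last page.

    Always in the range 0 .. page_size - 1: it is the padding the page
    alignment leaves over, nothing more, which is why it is 'very little'.
    """
    return align_up(text_size, page_size) - text_size


def stub_fits(text_size: int, stub_size: int, page_size: int = PAGE_SIZE) -> bool:
    """True if a stub of stub_size bytes fits in the slack after .text."""
    return stub_size <= text_page_slack(text_size, page_size)


# Constructed .text sizes; these are not real titles.
SAMPLE_TEXT_SIZES = {
    "sample_a": 0x2A1F3C,  # ends 0xC4 bytes short of a page boundary
    "sample_b": 0x300000,  # ends exactly on a page boundary: zero slack
    "sample_c": 0x1FF040,  # ends 0xFC0 bytes short of a page boundary
}


def survey(text_sizes: dict, stub_size: int = STUB_SIZE) -> dict:
    """Map each sample to (slack bytes, whether the stub fits)."""
    return {
        name: (text_page_slack(size), stub_fits(size, stub_size))
        for name, size in text_sizes.items()
    }


if __name__ == "__main__":
    for name, (slack, fits) in survey(SAMPLE_TEXT_SIZES).items():
        print(f"{name}: slack=0x{slack:X} bytes, {STUB_SIZE:#x}-byte stub fits: {fits}")
```

The survey makes Mrrraou's "depending on the game" concrete: the slack is whatever the alignment happens to leave over, anywhere from zero bytes up to 0xFFF, so whether a stub (let alone a whole extra thread) fits is decided per title, not by HANS.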
     
  14. 101239

    exACtly

  15. Mrrraou

    Well, in fact, it does. It copies stub.bin at the beginning of the .text first, then runs it. But still, you would have to find where you are going to put the cheats inside memory without breaking the game. But, well, maybe it could be possible. Let's see if you can restore it and still have the thread running, too.

    — Posts automatically merged - Please don't double post! —

    What?

  16. DarkFlare69

    The 14 people who voted yes probably don't know how this kind of stuff works.

  17. GamerDudeK

    In-game, probably not.
    Out-of-game as a .3dsx or HANS option: plausible :)

  18. froggestspirit

    Cubic Ninja amiibo deconfirmed!

  19. hacksn5s4

    Could make it so you apply the cheats before you start the game and hold a button combination. The browser ramhack thing worked without a kernel exploit, and ROM hacks are possible on HANS, so I don't see why it would not.

  20. MsMidnight

    Smealum voted yes, and he made HANS.